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{Adapter Having Secure Function and Computer Secure System Using It} 
5 [7l#^o>l 

^^Ei^i ^^51}- ^tb til^^^ ^^^^ w>>=^ 

15 <^ 'y-¥-«:^^ ^;^Ki-7lBfl A^tijii- -B5l-olti.s:>^ ^K^9l 

cf<ao]T^, H ^A^<y 7fl«J->^^ (openness)^ (standard)^ H ^>-g- ^^p} 

<^1, ^^^^ <y:^^V ?1^q?floi^ ^^<^1^-1 <yBl^oi 7>xiji e 

1 




¥^>7fl ^^<^i, ^}-%-^}^ ^^AM.)7} ^]3^}^] n^j 1- 

-^"^^V 7ltil:0.s ^^B^ofl ^n^^ ^5iofl 

7> ^^B^ Al^E^c^l jii^^l ^^sloi ^:\^^ iflxl ^-lelslJi ^nf. ^, ^ 

-g-^>o] Wl^;^]-^^ E}o]ol A>-g.^ ^ ^Z^-tV ^47> ^2fl^ 

20 ^, 7li^l- A>-§-^>c^ ^^E-1 Al^B^oll ^>^^ ^ ^^E-1 

SEtt, ^^<H1 M]<=>]S. ^]S.B]^^ -f-7Hl-<^ Al-g-;<XUser)7l- 

2 



FCT/KR G 1) / C C 1 1 



^ 9X^^ ^^y-i: -s-^v^ ^>^^ ^-i^^ ^ ^^H^7> 7>^§>cf. 

^ '>^SL^^<^ ^^El A]>^Bflo]] ^^s:>Jl ^<y:2.= ^ 

10 <a-^S}-^M ^Jl ^^Ei Aj^EflAS ^^^>^ ^^^^S 

nq-el-Ai 7]^:^'^^ ^£ ^ji, ^^ 7)^:^1- ^ 7]^ 

15 ("Ji'?>7l")l- A>^*>7m- 7]^ 711-^ 2:^(^1^ ci CTRL71+ALT71 

+SHIFT7l+S7l)^ ^]-§-*>^ ^ 9X^. 7l» ^>-g-^ 

til ^711- ^^Ei AliE^o.^:^Ei^ 
3 



'^CT/KR 0 ') / " 1 1 



^e^H'Hl ^]^^ 

til^^ll- ^S^^*>Ji, ^913.^ ^42^ ^^/«fl;Hl 

20 tl- ^l^lofl ^^*>7ll ^rf. 

^1-71 «a-X3^-^(stream cipher)^ ^^■lej^S.^B^ 

1- Wl^7lSAi <y-^Sl-3:>^i:-1], <y-^^ 2-^ ^^^'^l -S-^^ ^ 

o^^oil ttfEl-A^ ^i-o]^ oj-^sj. ^^7> ^-g-SlJl alH7> rf^- 



PCT/KR 0 0 / C 2 ! 1 




tiiH^^ ^^si-si7i nfl^-'^i ^s.7> 

Jisl- 2|-;goli4 ^^3il-:^oi]A-^ tilB<^l ^^JS^^ 511 ^(channel error) 

^ '^^^'^l wlH<^l^ ^ wlHl-oll^ 2|-^(propagation)c:>l 

5 ^ ^^^^ ^>-§-^ ^£ 9X^. 

;S-^1<^^ SiJi, ^^E^ ^^1 

10 ^>^Al ^lol^-"^^ ^-SL^ ^^«K "^^l* 1:^ 7l:e.^«^l^ 

^^^^ ^ £ 2'Hl^ ^^Ei Afolofl S.^^ 

15 ^ ^^^^ J^^y: ^'S^-I'^m ^>M- # ^l^oi-^ S^l^H* 1: ^ 

^H, :a^^>Eili- a^i^v^ ^ova^ sai^s -oi oi^.. o] ^oys. 

:b SAl^^7l- ^^ElJl, ti^2.H ^^1 ^1-EfloiiA^^ S.9}:3.B. S^l ^H7> 
20 i^sl^^, ti<t!:£^ ^T-Bfl<^]>H^ S.9}:S.^ S^l ^^71- ^7]^o_s. 

ii<?>2.:^ 1:^ ^]^% ^91^] «1 

^7ls^ A^^jol ^]tJi\S. ol^o^^l^l oyo. ^Elll- SlT^ltl:^. ojei^V tl<?VS.^ 

a^l^H^ «V:e.a1 :e.<?> ^H'Stioll^ ^^1*>^<^> *^>^^, ^-¥-'^1 

ttl-Ej-^i^ ^^Bi ^^1 71 2.qEi ^Voii ^^l§ ^ ojnf. ;g 

5 
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7>s<"iol: 7>s")i- <?]-j:%7l<?^^ is^HlAis ^^^>Ji ^ 

^^^i ^]^^}'=^ ^}S."Si\- n]M/^]€\^S. 

^^?;tol ^'a^M til^^J: l-^^l A>^^ ^^E^ A]>r^^oll ^ 

^^5}-^<Hl <?jAi ^-^^v^ 401^711- ^>^l^>n^, ^^^i n 

6 
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5). ^>S-^ ^i^J-A] Af-g-^ tijigwiJiSil- A>-g-^XUser)7> <y 

^^^"^ «li2*><^, ^^tb -H-JLt!: ^^-^S- ^l^*>7ll ^cf. 

20 ^J-s]^ 9X^ ^^^^ ^fls. <a^€ wl'S^JiS^Ei ^flA]- 

^•^1 ^-21- ^1-71 ^o]^f]7} Vi]l^6\]A^ ^^]^^. 

7 
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cfla^^ ^1^^ MAC «fl4^^^, MDC «I14^^^,MD4 ^fl4=l^^,MD5 «fl 
^^(Integrity Identification)^ ^#^>S^ ^^1 ^ 

cf^J:^]: 'a::ael^^ ^^^><^ ^>-g-«- ^ 51-^^, H CRC(Cyclic 
Redundancy Checking: <^^Jiel#<^l ^^1 w>^^^>c}. CRC 

<^J1B^^^ K7flsl tilBS. ^^^^ t^lolE^l- iHlo]E^l- 
n+i 7flSl 55fl^A^ M-^r^ ^^S^ n ^1:^ 7^o]Q] v}x^^]^ z^]o] 

10 tilH 2.¥ k+n 7fl^ BIBS cll^l^il- 

ZLSlJl, ^^3r>^ ^<HlAi^ n 7l]2^ tijHS T^^^S^ol sfl^o. 

^# ^^^^ '^iSl#o.^A^^ dl^^lB^l: ^^t!: ^'HlA-l i4n1^l7]-0 

o]^ C-flolBl ^^oll ^^-7} ^o]ji^ ^^^]7} lol^ ^^ofl ^ 

o]^7lS 7\^o] CRC ^>S. CRC ^k")^ ^M^S.^ 

CRC CRC ^")4r 7^1^^>^ ^}S.75l^ ^lS.Sl<>11 :^i^^>^, 

7} <a^*}- al^«l:£S-^E^ "til^^ls: CRC 7;>^^i^> ^lS-Bl<^1 

20 ^-1^i-5l<>l "wj^^J: CRC wlm^l-^ «J-^-5-S, ^^^^ cflolB^ 

^H^^ CRC 4 s ^l-LV^ CRC ■S-'^^V ^-f ofl^, ;^>S ^-I^J-Al ^> 

SX^-i: 5^<?I*>711 ^cf. ^l-7H]Ai 16 SE^ 32 tilB^«K ^ ^ 

8 
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5 :=^>^^-1^ ^^^i ^91^'^ "^jtisl- :^>s. 

7l '"a-Jl^ T^S. ^^^^ ^tl^"^ <a-^5l-^ ;^>^7l- ^^^ol ^:\7^^s\$X^:^] 

7im*><:^ ^>^^U> tJll2.5lo11 ^^^o] ^J:^ ^^^^ 

tilJIL^o.^>«] o]M. ^oi^ ^ o;ir^. ^^^"l, 
^ 51^ S-** ^7H>7lM- ^1-71 7l^ J^lr^i] oie^i^ 7]^ 

^7}-*>o^, >^V7l ^a-SSf ^>^51 X-I^V^ 4^2}- 3]-^^^o11 ^^7> ^ 

15 ^sM^^i ^ ^l=l-. 

tb^, cf^o^ o^sSl- ^>^1- tb^'H] cj^ei ^>3^]oil 

oil i:fl«fl cf^ "til^i^S ^^^^ ^<?l?;t"«^l ^i^>5l7l] ^cf. cfA] ^*>Ta, ^> 
SI- ^U^* 1^ al^tti^l- cfeTii ^^^^l-o^ <a-J:Sl- ^VS.^ 
20 ^S. 5m-. ttfel-A^, :i^o11 Ul-Sil-A-:]^ 7]-S.^]^^ ^]3.^<^] X-l^Vs^o^ o;^^ 

S.s\- 7-}s.^ ^M^S. ^^^i ^■9l^k-^ 7}S.^ ^^ofl tr}-el- r^-STfl 

9 
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^ ^^^^ St]: :a.<y: <>|^t-1^ ^\^^ % ^^^i Ai:^^iEjo.^ 
^^^^ ^e.'?]: ^1^^^<H1 ^tl: ^oli^. 

A^;^^Alu>li)- o^xgE-IS^E-l AflS-O] A^A^^l til^7l^ ^^5|-^><^ ^^B^ Aj^^ 
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5 ^^s^>^ ^>7lsq- ^cf. cfnV, 98 ^^ol^lo]] -aiE^ 2000, 

:a.<?v 'H^^s. :y.vfljL, :a.<?]:2.=A] "y-j^sj-^ ^'3 

10 Bl^^E] ^^^rl-D^, c.l^<Hl^ wi^7ls <a-3:5|-^ 7]3.^ i-y: 

tfl o^icl^V 7lS=7l- ^^^Cf^ ^-§-HSZl^ <yEi3llol>^cHl ^ufl 

15 1^. 

tb^, -§-§-^SrL^ol z|-:^^>i47> ^^>^>3^^>^, -§- 

<?l7>Al^ BIOS -i^^, LOADER KERNEL ^l^^ ^^l^e^^l" 
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:a.<LV^ ^*>^ 7\s.s] ^-l^v iflxi ^^e] ^^o] ^^^El-^S- ^^5]^, ^^el 

:e.oi-2.:c ^^o] :a^-g: A^>^ ;=^>s 

^^>^, •y-^sly^l'S^ HS^flA-^^ A-flolH^lS. ^^?r>:ii ^flolH. 

^>5-", "til^^J: CRC ^k" ^ "^5:2)- 7]-S. CRC 
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t!-^, -g-#HS.ii^^s.-^B]s] ^^^^ 

^jtio) ^Ji^ofl ^o]^, ^o]^ p)]2.s:i ^E-lsflloi:^^ al^Bi 

5 ^-flolH^ls ^^th ^-flc)!^?!^ tij^BiJii- o}-J:^?r>o^ <y-J:^ 

^ wj^^jLS^ CRC CRC ^")^ ^]^^}^, "M]o]S.^]"^ 

^^sr}ji "tiiigoi^ CRC wlia/^^el-^s ^^tb^. 

/^^^^ ^m^i^^ ^12.511- i?l]^*>c^ ^]3.^^] ^i^S]^ "Wj^^ 
5: CRC ^"o] ''^SLsJt/^]'^^ ^S.^^^S.^^E-] CRC ^"4 

10 -^"^^V;^! o^-^l- ^'^Itl-T^. ^^s. CRC ^Jt^l ^'^^^ ^-^^]^ :^>S^-1^^ ^1 

s.sl^^Ei <y-^^ ;^>s» ^^^s ^^*>:a, ^^^^^ ^]^/ 

^^tb ^Jisl- ^}^^ M]o]^7]s. ^o]^ 1^12. e) 

<?lE^3Jl]oi^s ^^tv ^ ^floj^^i^ <^-:^lt!-cf. ^^s. CRC s^rol ^^*>^1 

15 ^l-^l^>31 tij'gwij^o^ ^-^^l A}^^ ^^E^ Al:iEjo.^ 9 % 

20 >^>s.^ ^d-^^^<Hl^i ;^p> <^^s.^-^^] ^i-Efl<^l^i 

^^l^O.^^^ ^^E-l -^^A] ^^Ei Al^iE^o^ ^^l^Bl^>oll 

13 




5 ^7] <a-:£2|-^'=Hl^i :e.<?>^ls. ^j:s}-^l-o^ ^^^i 

^tl- ^'^l^^i -S-^l-Hl :a.<?v# ^e>^ 7\s.s] 7.^^^o\] ^tb "fl, ^^^^ 
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10 ^ ^S-^lk ^ofl ^^*>J1, wligoi:&7> 

5fl ^^^e:i«.^ ^^^4. ^^^sl^fe ^^^^Bfl ^A]^^^ ^^(ON)^>Ji 

^^A, = 71^:e. <?^^^1- ^«fl 71 

20 ^^^Ei-^s- ^^^t:^. ^^^^^ 7i:a.=s. 

» ^f-(ON)*VJl Wl^7ll- ^S>§€r>oi ^7l <a-^S)-^Sl- 

15 



FCT/KR U U / U U ^ i 1 



^^s]^fi1- -a-Jisl-^s ?i^€4. ^^^s^^^ i^s.:E. 

15 S^b^ ^Cf. 

1- ^^^1 $tb ^-f^l^ .a^V <H^Bi7> i^^Va^ 1-^^T-Bfl7> S\JL ^^^^ 
^ ^913.^ ^7]^o] ^ A]^^ ^^^}7]] ^] 

H, 7]^^ ^^l^B^^b ^ 4:£S}-€ ^>^^^ HS.s*<^l ^^}<=^ ^9}3.B. 

16 



FCT/iLR 0 Oy 0 1 1 




5 # «]-%-^^ ^ ^^^Sl i^^tfloflA-l cfoJ:^> ^ 0.^01 7>^^ ^olcf. 

15 £ 5^ ^ ^^-^l^i n^s-:^ -g^^^l^ ^7^i:£oiji; 

£ 6^ ^ ^^<^1A-^ S11^12.:E. ^^^^12^ H}.^ ^;^]3EolZL; 

20 tfltt 

£ 9^ £ 45^ tiov cHi^E-ioi]A^ x-i^j-si <y-j:5l- ^>s.# ^xsi-^l-^ 

17 



A1>,E^<^1 ^<a^>C^ A>^>^>o^ tij^^VS* £-§-^fe ^ o;^ 



p-^ /TP 0 f) / Q 0 3 11 




5 ^ o^^^ <^^s:^^}^ ^^E| A]^B^oii ^^^>ZL ^<^J:S.^ 

^S. ^91 'H'^H.i 

^Al al^7l» ^5Aj^>^ ^^^e:1:^S-^b1 ul^^m -S-'^r^l 

15 I^^%>31 

^E^ziofl <S^S1^ 9^^^; ^^E] Al:iiE^Jlj-0^ -^Al o. 

^H^f; wl^^ll- ^S^^^V^, Ja^bS-:^ ^^'^'fl ^sl- i'ibS-:^ ^ 

-^^.-^E-l^l til ^711- ^J:5]-*l-0^ ^^E^ Al>,E^O.^ ^*^>^ 2:71 

^ :a<y:S.^7> ^^jsJSi* nil), -^^Bi«^«.E^o^ tii^^ls. 71^:^ 
^J:2l-*>^ ^^Ei Ai^Eflo.^ ^4^*>^ ^^^^ i^^V 

19 




^^^i ^^^^ ^^?]:")# ^ til 

20 




:5i^^>ji ^:&s|-^<^l x-i:^v^ ^^joi^^ll- ^M1^>D^, ^^^^ 

^tl: yl'a^i:^ -S-^ ^^Ei Al^e^o.^ ^^*>°^, 

15 ^^S. ^^l^S ^91 ^"^^l 

^1 5%>«fl ^^^^ CRC '&J1S^^<=>11 5]*fl 

-e.<y:7l» ^I^^^V^ 7]^, til ^71^ <a-5:sj-/^:£s)-*>^ 7]^, Jl^7]^ <y-J: 

21 



PCT/KR 0 0 / C 03 11 

• 



^7] <a-:£s^^oflA-^ ^<?>7is. wj^^ii- «a-^^^>c:^ ^^E^^ 

20 :a.<y:H.^ 7ls= <?^^^^^7> ^l^JE.^ 

^]3.^ ^Ji ^^b^^ ;^lcH 

^» *«fl ^^H^ 71^ 7li^ ^>^l^el^>s ^^*>^ ^7?m s 

22 



PCT/KR 0 0/ U J J 11 



8«J-'=H] ^^^i, ^>7l til^^ll- ol-g-tV 71^^ ^^Ei Al:i. 

B^o^ ^7] ^>^mBlX>7> ^>-7^M-, ^'=g^l^l7> ^7^ ^/S^ -g-§-^ 

S-^^o] ^^l^S. 7l^H ^^^^^^^5] ^o).^ 
5 [^^%M0] 

^1 8%i-<^1 ^>^l^e]^>sf -i-g-HSzL^^, ^ 

^^o]] o^*]. ^ol^Ai -^Alo^l ^o>^ ^e].^ ^V^o^ Z-]^Voll 

15 s.^^ wl^T^^* <^l-g-s^M <a-s:^^v ^ ^i^J-^VJi, 

^ ^^^^ ^^^Vji, til^^^7> *w>sxi Afl 

23 



PCT/KR 0 0/ 'J d 2 1 ] 




^ ^^^^ 7l^:^^^E^5i 7]^:^ ^a^^iii* "^t^^MI ^^^1 ai>^ 
^^o.^ ^^^>^ ja*?]: cH'gti^ JL^tl- ^^^i tiov Aj^Efloil 

= S.^El5^ "a-J^^^V^l ^^Ei Al>^^EflO.^ ^^^^ 

^ sl^iojcf. sEtb, :a°>* ^>s^ 

^Ei :a'L> ^>-§-*m ^Bi^-^om- ^31]. cfloiEi viiB^^a 

15 3^}7> tll^J ^S] ^^Ei Al^iE^ofl ^<a^>a^ ^V-g-^V^ til^;^>^l- 

S. 1 



24 



(12) INTERNATIONAl^^r LIGATION PUBLISHED UNDER THE PAllPf COOPERATION TREATY (PCT) 



(19) World Intellectual Property Organization 
International Bureau 

(43) International Publication Date 
8 February 2001 (08.02.2001) 




PCT 



llllllilll 



(10) International Publication Number 

wo 01/10079 Al 



(51) International Patent Classification^: H04L 9/32 

(21) International Application Number: PCT/KROO/008 1 1 

(22) International Filing Date: 27 July 2000 (27.07.2000) 
(25) Filing Language: Korean 



(26) Publication Language; 



(30) Priority Data: 
1999/31145 



29 July 1999 (29.07i999) 




(71) Applicant (for all designated States except US): SAFE 
TECHNOLOGY CO., LTD. [KR/KR]; 48-18 Union 
Building, 4F, Songpa-Dong, Songpa-Gu, Seoul 138-070 
(KR). 

(72) Inventor; and 

(75) Inventor/Applicant ffbr US only): LEE, Jong, Woo 



[KR/KR]; 101-901. Hansung Apt, 698-2, Pung- 
duckchun-ri, Suji-eub, Yongin-si, Kyeongki-do 449-840 
(KR). 

(74) Agent: SOHN, Chang, Kyu; 401 In-bong Building, 
640-21, Yoksam-dong, Kangnam-gu, Seoul 135-080 (KR). 



(81) Designated States (national): CN, JP, KR, RU, US. 

84) Designated States (regional): European patent (AT, BE, 
CH, CY, DE, DK, ES, H, FR, GB, GR, IE, IT, LU, MC, 
NL, FT, SE). 



Published: 

— With international search report. 

For two-letter codes and other abbreviations, refer to the "Guid- 
ance Notes on Codes and Abbreviations " appearing at the begin- 
f^ing of each regular issue of the PCT Gazette. 



(54) Title: ADAPTER HAVING SECURE FUNCTION AND COMPUTER SECURE SYSTEM USING IT 



On 



O 



lYancinit/ noetv« 



(57) Abstract: A secure adapter and 
a secure computer system including 
thereof to safely transfer the key code 
input information from the keyboard to 
the computer system. The invention 
enables transferring the key code inpxA 
information after encrypting it only when 
the secure mode setup command is re- 
ceived from the keyboard or the conq>uter 
system, and transf^ the information 
from the keyboard to the computer 
system without encryption if the secure 
mode clearing command is received or 
under the secure mode clear state. Also, 
if storage and processing of the data 
requires special secure handling, the 
data can be encrypted and decoded only 
when the user enters correct password, 
and safe memory which does not store 
separate password may be added. If the 
secure adapter and the computer secure 
system employing thereof of the present 
invention is used» it is possible to prevent 
a third person from intruding into the 
computer system by hacking and stealing 
user's secrete data, for stock exchange, 
Internet banking, cyber transactions and 
other commimications over the Internet, 
modem commimications or network data 
exchange. 
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ADAPTER HAVING SECURE FUNCTION AND 



COMPUTER SECURE SYSTEM USING IT 



Technical Field 

This invention relates to adapter ("secure adapter"), to be installed and used 
between a computer system and a keyboard, which provides security function, and 
secure computer system using thereof, in particular, to configuration for transferring 
input information from keyboard to computer system in secure mode by encrypting the 
data, and for transferring information to computer system in clear mode without 
encryption. 

Background Art 

Development of computers and rapid growth of information exchange and 
conmiunications over Internet has opened the way for quick and easy access to 
information. In particular, Internet brings a representative paradigm of creating 
informational environment for individuals, business and e-trade. Internet features 
openness and conformity, and surmounts difficulties in exchanging and sharing 
information resources whether used by an individual or a company, whereas the basic 
drawback of the Internet with respect to information protection and communication 
safety has been putting serious obstacles. Thus, what is needed is information secure 
system, which is operable for each service type or application whether communication 
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Thus, the object of the present invention is to solve the above problems in full 
and to tackle related technical issues. 

That is, the object of the present invention is to prevent information (data) from 
5 being drained by other persons using methods not intended by user, such as hacking, 
enabling the user setting up a secure connection between the computer system and the 
keyboard for entering data from the keyboard into the computer system . 

Also, in the case of with additional safe memory, since the data am be 
10 encrypted/decoded only when the user supplies password, and the encryption password 
is not stored or preserved separately, the present invention can cope with such problems 
as reproduction and can deal with storing and processing of the data which requires 
secure handling. 

15 Summary of Inventio n 

To achieve the aforementioned objects, the present invention, which is an 
adapter to transfer key code input information from the keyboard to the computer 
system, is configured to transfer the key code input information from the keyboard to 
20 the computer system after encrypting it only when the secure mode setup conmiand is 
received from the keyboard or the computer system, and to transfer the information 
from the keyboard to the computer system without encrypting the data if the secure 
mode clear command is received or when in the clear secure mode state. 

25 At the secure mode, the encrypted key code input information may be the 
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a transmit/receive control on the keyboard to control communication with the 
keyboard; 

a main processor to create a secrete key, to perform secure mode setup/clearing 
according to the secure mode commands, and to exchange the data between the 
5 computer system and the keyboard; 

an initial cipher to encrypt the secrete key transferred from the main processor 
with the secure key from the computer system and then transmit the encrypted secret 
key to the computer system when the secure mode is set up; and, 

a stream cipher to encrypt the key code input information with the secrete key 
10 from the main processor and then to transmit the encrypted information to the computer 
system when the secure mode is set up. 

Said transmit/receive control on the computer writes all information to be 
transmitted on the input buffer first so that the control program transmits it at a proper 
15 time, and all received messages are written on the input buffer and can be used in other 
modules. 

Said transmit/receive control on the keyboard transmits the key code input 
information from the keyboard to the main processor, all commands transmitted are 
20 written on the buffer and this module transmits them at a proper time. 

Said stream cipher encrypts information transmitted from the main processor 
with the secrete key. While each different encryption function is applied because bits or 
characters of a plain text are encrypted, and thus different encryption function is applied 
25 and respective plain text bit is encrypted irregardless of other bits for stream cipher, 
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secrete key was not performed normally. The secure mode indication lamp is not only 
installed on the secure adapter, but on the front of the computer body, the keyboard or 
on the monitor as the case may be. If necessary, a small indicator (i.e., an icon type, 
etc.) can be displayed on the setup screen on the monitor to prompt whether the secure 
mode is set up or not. 



Depending on the case, safe memory interworking with the main configuration 
of the secure adapter may be added. Said safe memory operates under the secure mode 
that an application program executed on the computer system established in necessary 
case, and is used for storing and processing encrypted data which requires separate 
security handling. 

More specifically, said safe memory comprises: 

a safe memory interface to transmit a password transmitted from the main 
processor, or the password and the data which requires security ("secure data"), to an 
encryption/key operation processor, and to transmit the data received from a decoder to 
the main processor; 

an encryption/key operation processor to convert the password to the key ("the 
safe key"), and then, if the secure data is not received together with the password from 
the safe memory interface, to transmit the safe key to the decoder and to encrypt the 
password with the safe key by encryption algorithm and calculate the integrity 
identification value of the encrypted password ("password integrity identification 
value") and then to transmit the password integrity identification value to a 
comparison/processor, and, if the secure data is received together with the password 
from the safe memory interface, to encrypt the secure data with the safe key and 
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password as the password used for storing the encrypted data. Whether the correct 
password is entered is acknowledged as valid access only when values are the same 
after comparing the "password integrity identification value" stored in the encrypted 
data of the data storage memory with the "password integrity identification value" 
5 calculated after encryption with the safe key converted from the newly entered 
password. 

Therefore, the safe key transferred from the encryption/key operation processor 
to the decoder is temporally stored on the buffer of the decoder and then the key is 
10 deleted from the buffer by the command from the comparison/processor, where the 
stored "password integrity identification value" and the "password integrity 
identification value" calculated from the newly entered password are not the same, as 
the result of execution of the comparison/processor. 

15 The conversion of password to a safe key may be executed using various 

known methods such as hash function or polynomial algorithms. Representative 
examples are the MAC hash function, the MDC hash function, the MD4 hash function, 
the MD5 hash function, the SHA hash function, the CRC algorithm, and so on. 

20 The integrity identification protects data against hacker's active attacks 

because it is used as a means to identify the person who performs the access. As a 
method to identify the integrity, various known algorithms described above can be used, 
in particular Cyclic Redundancy Checking (CRC) algorithm is preferred. In transmitting 
the data of K bits, the CRC algorithm transmits the data of k+n bits by dividing the 

25 transmitted data into n+1 bit patterns and adding the remaining of n bits length occurred 
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enter data is correct, while the "encrypted data integrity identification value" being used 
to identify whether the encrypted data is stored without errors or with errors during 
storage. That is, it is possible to identify the above by repeatedly encrypting the decoded 
data with the safe key, calculating the integrity identification value of the encrypted data, 
5 and comparing the value with the encrypted data integrity identification value written 
on the data storage memory. Therefore, it is possible to confirm whether errors occurred 
in storing or decoding the encrypted data, by adding a separate module that can execute 
such a function or adding such a function to the basic configuration module. 

10 On the other hand, if each different password is used in storing the multitude of 

encrypted data at the same time or several times to the data storage memory, a different 
"password integrity identification value" is stored respectively for the encrypted data. 
That is to say, passwords may be set differently in storing data, and thus may be specific 
to the type of encrypted data. Accordingly, if necessary, it is possible to establish the 

15 password integrity identification value of the encrypted data stored on the data storage 
memory depending on the type of encrypted data. In the drain process of the encrypted 
data, all encrypted data with the same "password integrity identification value" are 
decoded. 

20 The encryption algorithm used in the safe memory may differ from the 

encryption algorithm used in the stream cipher of the secure adapter. 

The present invention also relates to the computer security system, which 
comprises the secure adapter, the keyboard and the computer system. 

25 
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misuse the external interface of the keyboard for hacking purposes. 

Referring now to the Fig.3, an example that the computer system can be 
executed under Microsoft Windows 98 and the keyboard manager has the decoding 
5 function is described below. However, in addition to Windows 98, corresponding 
protocols are applicable for Windows 2000, Windows/NT, Unix, Linux and so on. 

When the computer system is operated, the keyboard manager makes and sends 
the secure key to the secure adapter. Then the manager receives the secrete key 

10 encrypted by the secure key from the secure adapter in secure mode, and then receives 
key code input information encrypted by the secrete key from the secure adapter. The 
encrypted key code input information received from the secure adapter by the keyboard 
manager is not immediately decoded, but stored in a location of the keyboard manager 
or the computer system and only the signal that any key code is pressed is sent to the 

15 application progreun interface by the operating system. 

On the one hand, when an application program needs to examine the 
transferred key code during operation, the application program interface interrupts the 
code and requests decoding of the key code first pressed to the keyboard manager. Then 
20 the keyboard manager transfers the stored encrypted key code input information to the 
application program interface after decoding it with the stored secrete key, and then the 
application program interface returns the decoded information to the application 
program as the result of examination. 

25 With reference, if booting process of the computing system of the present 
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main processor and then the main processor receives and transfers the data to the safe 
memory interface. If the safe memory interface transfers password and the secure data 
to the encryption/key operation processor, the encryption/key operation processor 
converts the password to the safe key and encrypts the secure data and the password, 
using the safe key. On the other hand, the encryption/key operation processor calculates 
the CRC values of the encrypted password and the encrypted data, and then transmits 
the "encrypted data", the "password CRC value" and the "encrypted data CRC value" to 
the comparison/processor. The comparison/processor records the information to the data 
storage memory (refer to the Fig.8). 

In the meantime, if the secure mode setup command from the application 
program is for decoding the stored encrypted information, only the password transferred 
to the safe memory interface is sent to the encryption/key operation processor. The 
encryption/key operation processor encrypts password with the safe key after 
converting the password to the safe key, calculates the CRC value of the encrypted 
password ("password CRC value"), and then respectively transmits the "safe key" to the 
decoder, and the "password CRC value" to the comparison/processor. The 
comparison/processor scans the data storage memory and confirms whether the 
"password CRC value" stored in the memory is equal to the "password CRC value" 
received from the encryption/key operation processor. If two CRC values are equal, the 
comparison/processor receives and transfers the encrypted data from the data storage 
memory to the decoder. The decoder decodes the encrypted data from the 
comparison/processor with the safe key, and deletes the safe key after transmission of 
the data to the safe memory interface. If two values are not equal, the 
comparison/processor deletes the safe key stored on the decoder buffer and transmits 
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encrypting the key code input information with the secrete key and transferring the 
encrypted information to the keyboard manager through computer connection by the 
transmit/receive control on the computer; 

computer system decoding the encrypted information using the secrete key; 

main processor transferring the secure mode clearing command to the stream 
cipher when the secure mode clearing command is transferred from the keyboard or the 
computer system to the main processor of the secure adapter; and 

when secure mode is cleared, the stream cipher transferring the transferred key 
code input information to the keyboard manager through the computer connection by 
the transmit/receive control on the computer without encryption, if the key code input 
information of the keyboard is transferred to the stream cipher through the 
transmit/receive control on the keyboard after passing through the keyboard connection. 

Where the safe memory is incorporated into the main configuration of a secure 
adapter, the configuration further comprises the step of: main processor transferring the 
password from the transmit/receive control on the keyboard and the secure data from 
the transmit/receive control on the computer to the safe memory after the main 
processor transfers the password input request command to the computer system, and 
safe memory encrypting and then storing the received data using the password, if secure 
mode setup is made by the commeind from the application program of the computer 
system and also for data storage requiring security; but 

main processor transferring the password from the transmit/receive control on 
the keyboard to the safe memory after the main processor transfers the password input 
request command to the computer system, and safe memory decoding the encrypted 
data with the password and then transferring the decoded data to the main processor 
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computer cx>nnection by the transmit/receive control of the computer after encrypting 
the key code input information, using the secrete key transmitted from the main 
processor. The process to handle the encrypted key code input information, transferred 
to the keyboard manager, in the computer system is referred to the details described 
before on the Fig.3 basis. 

If the secure mode clearing command is directed from the computer system or 
the keyboard, the clear command is transferred to the main processor and the stream 
cipher by the transmit/receive control on the computer or the transmit/receive control on 
the keyboard. The main processor turns off the secure mode indication Isunp and 
tTcinsfers the secure mode clearing command to the stream cipher. Thereafter, key code 
values transferred from the keyboard are transferred to the computer system through the 
computer coimection by the transmit/receive control on the computer, without 
encryption in the stream cipher. 

The process to handle the not-encrypted key code input information, 
transferred to the keyboard manager in the computer system is referred to the details 
described before on the basis of the Fig.3. 

If the secure key is not acquired from the keyboard manager of the computer 
system during booting the computer, the secure adapter goes in the disabled secure 
mode, and the main processor sends periodical ON and OFF signals to the secure mode 
indication lamp. Then, by the keyboard manager and the decoded data transfer protocol, 
the disabled secure mode state may be notified on the monitor as a message type and so 
on, and the keyboard input information is transferred to the keyboard manager without 
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Fig. 6 shows steps for clearing secure mode in the present invention; 

Fig. 7 shows steps for processing key code input information under secure 



mode; 

Fig. 8 shows steps for encrypting and storing data in a secure adapter of the Fig. 

4; and 

Fig. 9 shows steps for decoding stored data in a secure adapter of the Fig. 4. 

Industrial Applicability 

If the secure adapter and the secure computer system employing thereof of the 
invention are used, it is possible to prevent third person from intruding into the 
computer system by hacking and stealing user's secrete data, for stock exchange, 
Internet banking, cyber transactions and other communications over the Internet, 
modem communications or for network data transfer. 
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keyboard; 



a main processor to create a secrete key, to perform secure mode setup/clearing 
according to the secure mode related commands, and to inter-transmit information of 
the computer system and the keyboard; 

an initial cipher to encrypt the secrete key from the main processor with a 
secure key from the computer system and then to transmit the encrypted secrete key to 
the computer system, under secure mode; and 

a stream cipher to encrypt the key code input information with the secrete key 
from the main processor and then to transmit the encrypted information to the computer 
system, under secure mode. 

4. The secure adapter according to Claim 1, further comprising a built-in secure 
mode indication lamp which is ON under secure mode, OFF under cleared secure mode, 
and periodically blinks under disabled secure mode, 

5. The secure adapter according to any one of Claims 1 through 4, further 
employing safe memory operation under the secure mode set by an application program 
executed in the computer system, said safe memory comprising: 

a safe memory interface to transmit a password transmitted from the main 
processor, or the password and the data which requires security ("secure data"), to an 
encryption/key operation processor, and to transmit the data received from a decoder to 
the main processor; 

an encryption/key operation processor to convert the password to the key ("the 
safe key"), and then, if the secure data is not received together with the password from 
the safe memory interface, to transmit the safe key to the decoder and to encrypt the 
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the computer system is for the safe memory. 

6. The secure adapter as claimed in Claim 5, where the said integrity 
identification value is calculated using the CRC algorithm. 

7. A computer secure system comprising the secure adapter, the keyboard and 
the computer system according to any one of Claims 1 through 6, where a separate 
secure key for entering secure mode setup/clearing command is incorporated in said 
keyboard and/or the secure mode setup/clearing command can be created by the 
combination of existing key codes, the computer system has the secure key creation 
function, the encryption/decoding function with the secrete key and the 
encryption/decoding function with the secure key, and the keyboard manager with 
application program interface is included. 

8. A method to secure key code input information comprising the steps of: 
transferring a secure key created in the keyboard manager of the computer 

system to the secure adapter in computer booting; 

creating a new secrete key in the main processor when the secure mode setup 
command from the keyboard or the computer system is transferred to the main 
processor of the secure adapter, and then transferring the secrete key to the initial cipher 
and the stream cipher of the secure adapter; 

encrypting the secrete key with the secure key in the initial cipher and then 
transferring the encrypted secrete key to the keyboard manager through the computer 
connection by the transmit/receive control on the computer; 

under secure mode, main processor transferring the information to the stream 
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the keyboard and the secure data from the transmit/receive control on the computer to 
the safe memory after the main processor transfers the password input request conmiand 
to the computer system, and safe memory encrypting and then storing the received data 
using the password, if secure mode setup is made by the command from the application 
5 program of the computer system £ind also for data storage requiring security; but 

main processor transferring the password from the transmit/receive control on 
the keyboard to the safe memory after the main processor transfers the password input 
request command to the computer system, and safe memory decoding the encrypted 
data with the password and then transferring the decoded data to the main processor 
10 where the password is correct, but not decoding the encrypted data where not correct, if 
secure mode setup is made by the command from the application program of the 
computer system and also for acquisition of the secure data. 
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FIG. 2 
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FIG. 5 
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FIG. 6 
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